You are previewing Emerging Trends in ICT Security.
O'Reilly logo
Emerging Trends in ICT Security

Book Description

Emerging Trends in ICT Security, an edited volume, discusses the foundations and theoretical aspects of ICT security; covers trends, analytics, assessments and frameworks necessary for performance analysis and evaluation; and gives you the state-of-the-art knowledge needed for successful deployment of security solutions in many environments. Application scenarios provide you with an insider’s look at security solutions deployed in real-life scenarios, including but limited to smart devices, biometrics, social media, big data security, and crowd sourcing.



  • Provides a multidisciplinary approach to security with coverage of communication systems, information mining, policy making, and management infrastructures
  • Discusses deployment of numerous security solutions, including, cyber defense techniques and defense against malicious code and mobile attacks
  • Addresses application of security solutions in real-life scenarios in several environments, such as social media, big data and crowd sourcing

Table of Contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
    1. Review Board
  6. About the Editors
  7. List of Contributors
  8. Preface
  9. Part 1: Information and Systems Security
    1. Theory/Reviews of the Field
      1. Chapter 1. System Security Engineering for Information Systems
        1. Information in this chapter
        2. Introduction
        3. System security engineering history
        4. Established system security engineering methods, processes, and tools
        5. Modern and emerging system security engineering methods, processes, and tools
        6. Conclusion
        7. Recommendations
        8. Disclaimer
        9. Acknowledgments
        10. References
        11. Further reading
      2. Chapter 2. Metrics and Indicators as Key Organizational Assets for ICT Security Assessment
        1. Information in this chapter
        2. Introduction
        3. GOCAME strategy overview
        4. Security evaluation for a web system: A proof of concept
        5. Related work
        6. Conclusion and future work
        7. References
      3. Chapter 3. A Fresh Look at Semantic Natural Language Information Assurance and Security: NL IAS from Watermarking and Downgrading to Discovering Unintended Inferences and Situational Conceptual Defaults
        1. Information in this chapter
        2. Introduction
        3. Early breakthrough in NL IAS
        4. A sketch of ontological semantic technology
        5. Mature semantic NL IAS
        6. Summary
        7. Acknowledgments
        8. References
    2. Methods
      1. Chapter 4. An Approach to Facilitate Security Assurance for Information Sharing and Exchange in Big-Data Applications
        1. Information in this chapter
        2. Introduction
        3. UML extensions for XML security
        4. Extensions for policy modeling and integration
        5. Integrating local security policies into a global security policy
        6. Related work
        7. Conclusion
        8. References
      2. Chapter 5. Gamification of Information Security Awareness Training
        1. Information in this chapter
        2. Introduction
        3. Literature review
        4. Gamification system
        5. Conclusion and future plans
        6. Acknowledgments
        7. References
      3. Chapter 6. A Conceptual Framework for Information Security Awareness, Assessment, and Training
        1. Information in this chapter
        2. Introduction
        3. Background and literature
        4. Human factors and information security
        5. Information security learning continuum
        6. Dimensions of information security awareness
        7. A field study
        8. Concluding remarks
        9. References
        10. Further Reading
      4. Chapter 7. Security Projects for Systems and Networking Professionals
        1. Information in this chapter
        2. Introduction
        3. Background
        4. Cryptography
        5. Wireless network security
        6. Conclusion
        7. References
        8. Further Reading
    3. Case Study
      1. Chapter 8. Assessing the Role of Governments in Securing E-Business: The Case of Jordan
        1. Information in this chapter
        2. Introduction
        3. Literature review
        4. Security in Jordan’s E-business initiatives: An analysis
        5. Conclusion and recommendations
        6. References
  10. Part 2: Network and Infrastructure Security
    1. Theory Reviews of the Field
      1. Chapter 9. A Survey of Quantum Key Distribution (QKD) Technologies
        1. Information in this chapter
        2. Cryptography
        3. Quantum key distribution
        4. Quantum key distribution systems
        5. The future of QKD
        6. A military QKD usage scenario
        7. Conclusion
        8. Disclaimer
        9. Acknowledgments
        10. References
      2. Chapter 10. Advances in Self-Security of Agent-Based Intrusion Detection Systems
        1. Information in this chapter
        2. Introduction
        3. Overview
        4. Framework for self-security, self-reliability and self-integrity of agent-based IDSs
        5. Prototyping and extending IDS-NIDIA
        6. Tests
        7. Related works
        8. Conclusion
        9. Acknowledgments
        10. References
        11. Further reading
      3. Chapter 11. Secure Communication in Fiber-Optic Networks
        1. Information in this chapter
        2. Introduction
        3. Confidentiality
        4. Privacy and optical steganography
        5. Availability
        6. Summary
        7. References
    2. Methods
      1. Chapter 12. Advanced Security Network Metrics
        1. Information in this chapter
        2. Introduction
        3. Related work
        4. Method description
        5. Metrics definition
        6. Description of experiments
        7. Results of experiments
        8. Conclusion
        9. References
      2. Chapter 13. Designing Trustworthy Software Systems Using the NFR Approach
        1. Information in this chapter
        2. Introduction
        3. The NFR approach
        4. The Phoenix system and trustworthiness deficit
        5. Application of the NFR approach for designing a trustworthy Phoenix system
        6. Validation and lessons learned
        7. Summary
        8. Acknowledgments
        9. References
      3. Chapter 14. Analyzing the Ergodic Secrecy Rates of Cooperative Amplify-and-Forward Relay Networks over Generalized Fading Channels
        1. Information in this chapter
        2. Introduction
        3. Secure cooperative wireless communications
        4. Computational results
        5. Conclusion
        6. Appendix
        7. References
      4. Chapter 15. Algebraic Approaches to a Network-Type Private Information Retrieval
        1. Information in this chapter
        2. Introduction
        3. The data processing scheme and statement of the problem
        4. Algorithmic description of the solution
        5. Algebraic description of the solution
        6. Conclusion
        7. Summary
        8. References
      5. Chapter 16. Using Event Reasoning for Trajectory Tracking
        1. Information in this chapter
        2. Introduction
        3. Example
        4. Event model
        5. Scenario adapts
        6. Event functions and inference rules
        7. Experiments
        8. Summary
        9. Acknowledgments
        10. References
      6. Chapter 17. Resource-Efficient Multi-Source Authentication Utilizing Split-Join One-Way Key Chain
        1. Information in this chapter
        2. Introduction
        3. Related works
        4. Methodology
        5. Conclusion
        6. Acknowledgments
        7. References
      7. Chapter 18. Real-time Network Intrusion Detection Using Hadoop-Based Bayesian Classifier
        1. Information in this chapter
        2. Introduction
        3. Overview on Hadoop based technologies
        4. Survey of Intrusion Detection Systems
        5. Hadoop-based real-time Intrusion Detection: System architecture
        6. Practical application scenario and system evaluation
        7. Summary
        8. References
      8. Chapter 19. Optimum Countermeasure Portfolio Selection: A Knapsack Approach
        1. Information in this chapter
        2. Introduction
        3. The Knapsack problem and a dynamic programming solution
        4. Problem description
        5. The proposed binary knapsack-based approach and its dynamic programming algorithm
        6. Computational example and comparison
        7. Conclusion
        8. References
      9. Chapter 20. CSRF and Big Data: Rethinking Cross-Site Request Forgery in Light of Big Data
        1. Information in this chapter
        2. Introduction
        3. SOP and CSRF
        4. Motivation and related work
        5. Defenses against CSRF: Server and browser Sides
        6. Experiment results: CSRF in social media and networking sites
        7. Analysis of test framework with popular Web/URL scanning tools
        8. Conclusions and future work
        9. References
      10. Chapter 21. Security through Emulation-Based Processor Diversification
        1. Information in this chapter
        2. Introduction
        3. Background and challenges
        4. Proposed security approach
        5. A case study: Web server
        6. Experimentation and results
        7. Discussion
        8. Conclusions and future work
        9. Acknowledgments
        10. References
      11. Chapter 22. On the Use of Unsupervised Techniques for Fraud Detection in VoIP Networks
        1. Information in this chapter
        2. Introduction
        3. Background
        4. Signature-based fraud detection
        5. Experiments
        6. Conclusion
        7. References
  11. Part 3: Mobile and Cloud Computing
    1. Reviews of the Field
      1. Chapter 23. Emerging Security Challenges in Cloud Computing, from Infrastructure-Based Security to Proposed Provisioned Cloud Infrastructure
        1. Information in this chapter
        2. Introduction
        3. Background
        4. Infrastructure security
        5. Cloud service models
        6. Provisioned access control infrastructure (DACI)
        7. Conclusion
        8. References
    2. Methods
      1. Chapter 24. Detection of Intent-Based Vulnerabilities in Android Applications
        1. Information in this chapter
        2. Introduction
        3. Comparison to related work
        4. Model definition and notations
        5. Vulnerability modeling
        6. Security testing methodology
        7. Implementation and experimentation
        8. Conclusion
        9. Acknowledgments
        10. References
  12. Part 4: Cyber Crime and Cyber Terrorism
    1. Theory
      1. Chapter 25. A Quick Perspective on the Current State in Cybersecurity
        1. Information in this chapter
        2. Introduction
        3. The scope of cybersecurity
        4. Contributions
        5. Understanding the scope of cybersecurity
        6. Malware, the infectious disease, and phishing, the fraud
        7. Vulnerabilities: The long exploitable holes
        8. Data breach: A faulty containment
        9. Cyber-war, the latest war front
        10. Lessons learned
        11. References
      2. Chapter 26. A Paradigm Shift in Cyberspace Security
        1. Information in this chapter
        2. Introduction
        3. Cyber-terrorism
        4. A security paradigm shift in cyberspace
        5. Intelligent agents in security auditing
        6. Summary
        7. References
    2. Methods
      1. Chapter 27. Counter Cyber Attacks By Semantic Networks
        1. Information in this chapter
        2. Introduction
        3. Related work
        4. Methodology
        5. Experiments
        6. Conclusion and future work
        7. Acknowledgments
        8. References
      2. Chapter 28. Man-in-the-Browser Attacks in Modern Web Browsers
        1. Information in this chapter
        2. Introduction
        3. Browser architecture
        4. Man-in-the-browser attacks on different layers
        5. Countermeasures
        6. Conclusion
        7. References
      3. Chapter 29. Improving Security in Web Sessions: Special Management of Cookies
        1. Information in this chapter
        2. Introduction
        3. Related work
        4. Proposed mechanism for web session management
        5. Implementation and experiments
        6. Conclusion and further work
        7. References
      4. Chapter 30. Leveraging Semantic Web Technologies for Access Control
        1. Information in this chapter
        2. Introduction
        3. Implementing RBAC with ontologies
        4. Semantically extending the XACML attribute model
        5. Ontology-based context awareness
        6. Ontological specification of user preferences
        7. Semantic access control in online social networks
        8. DEMONS ontological access control model
        9. Discussion
        10. Acknowledgments
        11. References
      5. Chapter 31. Cyber Security Education: The Merits of Firewall Exercises
        1. Information in this chapter
        2. Introduction
        3. Criteria for firewall education
        4. Evaluation of firewall exercises
        5. Satisfying the criteria
        6. Emerging trends in firewall education
        7. Conclusion
        8. Acknowledgments
        9. References
    3. Case Study
      1. Chapter 32. Surveillance without Borders: The Case of Karen Refugees in Sheffield
        1. Information in this chapter
        2. Introduction
        3. Background
        4. Methodological issues
        5. Analyzing discourse
        6. The hacking incident
        7. “We are Watching You”: Analysis of discourse messages posted
        8. Conclusion
        9. Appendix
        10. References
        11. Further Reading
  13. Part 5: Focus Topics: From Online Radicalisation to Online Financial Crime
    1. Theory
      1. Chapter 33. A Framework for the Investigation and Modeling of Online Radicalization and the Identification of Radicalized Individuals
        1. Information in this chapter
        2. Introduction
        3. Systematic consideration of influencing factors: The radicalization-factor model
        4. Identification of radicalized individuals: Behavioral indicators
        5. Application of the framework
        6. References
      2. Chapter 34. Preventing Terrorism Together: A Framework to Provide Social Media Anti-Radicalization Training for Credible Community Voices
        1. Information in this chapter
        2. Introduction
        3. Online radicalization
        4. Collaboration in counter-terrorism
        5. Credible voices
        6. Conclusion
        7. References
    2. Methods
      1. Chapter 35. Investigating Radicalized Individual Profiles through Fuzzy Cognitive Maps
        1. Information in this chapter
        2. Introduction
        3. The radicalization process: How can it happen?
        4. Investigating radical online profiles: A short overview of existing methods
        5. Fuzzy cognitive mapping of factors for self-radicalization as an alternative approach
        6. Conclusion
        7. References
      2. Chapter 36. Financial Security against Money Laundering: A Survey
        1. Information in this chapter
        2. Money laundering
        3. Anti-money laundering efforts
        4. Estimating the extent of ML
        5. Data mining techniques for ML detection
        6. Conclusion
        7. References
      3. Chapter 37. Intelligent Banking XML Encryption Using Effective Fuzzy Logic
        1. Information in this chapter
        2. Introduction
        3. Literature review
        4. System model and design
        5. Experiments and results
        6. Summary
        7. References
        8. Further Reading
  14. Index